ALEXANDRIA, Va. (May 22, 2017) – In the wake of the “WannaCry” global ransomware attack, the National Credit Union Administration reminds federally insured credit unions to verify they have effective controls in place to prevent similar attacks.
NCUA provides credit unions with extensive information on protecting systems, cybersecurity preparedness, and ransomware defense strategies at its
Cybersecurity Resource Center.
The WannaCry attack hit more than 300,000 victims in more than 150 nations, disrupting critical infrastructure, like healthcare, in some countries. This attack paired malware designed to exploit known Windows vulnerabilities with ransomware to infiltrate and encrypt data on affected systems. Systems using supported versions of Windows with up-to-date security patches were not affected. Affected organizations with robust incident response and system backup practices were capable of recovering with limited impact. Strong basic cyber hygiene practices can prevent infection by most types of ransomware.
This attack was designed to spread to new machines and systems and did not require a user to perform an action like opening an email attachment in order to spread the ransomware. Although the attack has so far had limited impact in the United States, NCUA expects to see similar and increasingly sophisticated attacks of this nature. That is why it is essential that federally insured credit unions validate their cyber defenses, especially those practices that can prevent attacks like WannaCry from affecting their systems in the future.
NCUA is the independent federal agency created by the U.S. Congress to regulate, charter and supervise federal credit unions. With the backing of the full faith and credit of the United States, NCUA operates and manages the National Credit Union Share
Insurance Fund, insuring the deposits of account holders in all federal credit unions and the overwhelming majority of
state-chartered credit unions. At MyCreditUnion.gov, NCUA also educates the public on consumer protection and financial literacy issues.